Please login here to save this document to a list.
If you don't have an account, you can register for free here.
$79.00
ALL FEES INCLUDED
| Add to Cart |
HIGHLIGHTS
BENEFITS OF DOCUMENT
DOCUMENT DESCRIPTION
This Cloud Security and Risk Standards Self Assessment helps you diagnose and address the following issues and questions:
IDS/IPS traffic pattern analysis can often detect or block attacks such as a denial-of-service attack or a network scan. However, in some cases this is legitimate traffic (such as using cloud infrastructure for load testing or security testing). Does the cloud provider have a documented exception process for allowing legitimate traffic that the IDS/IPS flags as an attack pattern?
It is clear that the CSP will face a large number of requests from its customers to prove that the CSP is secure and reliable. There a number of audit and compliance considerations for both the CSP and the customer to consider in cloud computing. First, which compliance framework should a CSP adopt to satisfy its customers and manage its own risks?
In addition to the security of your own customer data, customers should also be concerned about what data the provider collects and how the CSP protects that data. Specifically with regard to your customer data, what metadata does the provider have about your data, how is it secured, and what access do you, the customer, have to that metadata?
IDS/IPS content matching can detect or block known malware attacks, virus signatures, and spam signatures, but are also subject to false positives. If the cloud provider provides IDS/IPS services, is there a documented exception process for allowing legitimate traffic that has content similar to malware attacks or spam?
Security and authentication technologies, allied to event logging, in the cloud computing environment can help auditors as they deal with issues related to workflow were those who entered, approved, changed or otherwise touched data authorized to do so, on an individual, group or role-related basis?
As a CSP undertakes to build out or take a fresh look at its service offerings, the CSP should clearly define its business strategy and related risk management philosophy. What market segments or industries does the CSP intend to serve?
How do you know that a breach has occurred, how do you ensure that the CSP notifies you when a breach occurs, and who is responsible for managing the breach notification process (and costs associated with the process)?
An extra consideration when using cloud services concerns the handling of encryption keys – where are the keys stored and how are they made available to application code that needs to decrypt the data for processing?
Another critical success factor is that appropriate governance needs to be in place. That is, is an appropriate organizational structure in place to manage the organization facing the cloud computing solution?
The Self Assessment tool is built in MS Excel. The above preview showcases an example of a completed version. The secondary document includes a blank template, as well as a detailed 140+ page PDF guide. The guide provides a convenient way to distribute and share among the participants to prepare and discuss the Self Assessment.
Got a question about the product? Email us at [email protected] or ask the author directly by using the "Ask the Author a Question" form. If you cannot view the preview above this document description, go here to view the large preview instead.
Source: Best Practices in Cloud Excel: Assessment Dashboard - Cloud Security and Risk Standards Excel (XLSX) Spreadsheet, Gerard Blokdijk
ABOUT THE AUTHOR: GERARD BLOKDIJK
Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.
Gerard Blokdijk has published 301 additional documents on Flevy.
DETAILS
This business document is categorized under the function(s): Information Technology Governance, Risk, & Compliance
It applies to All Industries
File Size: 473.3 KB
Related Topic(s): Cloud
Purchase includes lifetime product updates. After your purchase, you will receive an email to download this document.
This product contains a supplemental ZIP document.
Initial upload date (first version): Oct 26, 2017
Most recent version published: Oct 30, 2017
![]() | Download our free compilation of 50+ Strategy & Transformation slides and templates. Frameworks include McKinsey 7-S Strategy Model, Balanced Scorecard, Disruptive Innovation, BCG Experience Curve, and many more. To receive this free download, enter your email address below and click the "Email Me" button. |
|
"As an Independent Management Consultant, I find Flevy to add great value as a source of best practices, templates and information on new trends. Flevy has matured and the quality and quantity of the library is excellent. Lastly the price charged is reasonable, creating a win-win value for the customer, Flevy and the various authors. This is truly a service that benefits the consulting industry and associated clients. Thanks for providing this service. "
– Jim Schoen, Principal at FRC Group
|
|
"FlevyPro has been a brilliant resource for me, as an independent growth consultant, to access a vast knowledge bank of presentations to support my work with clients. In terms of RoI, the value I received from the very first presentation I downloaded paid for my subscription many times over! The quality of the decks available allows me to punch way above my weight – it's like having the resources of a Big 4 consultancy at your fingertips at a microscopic fraction of the overhead."
– Roderick Cameron, Founding Partner at SGFE Ltd
|
|
"[Flevy] produces some great work that has been/continues to be of immense help not only to myself, but as I seek to provide professional services to my clients, it give me a large "tool box" of resources that are critical to provide them with the quality of service and outcomes they are expecting."
– Royston Knowles, Executive with 50+ Years of Board Level Experience
|
|
"I have used Flevy services for a number of years and have never, ever been disappointed. As a matter of fact, David and his team continue, time after time, to impress me with their willingness to assist and in the real sense of the word. I have concluded in fact that it is not at all just a repository of documents/resources but, in the way that David and his team manage the firm, it is like dealing with consultants always ready to assist, advise and direct you to what you really need, and they always get it right.
I am an international hospitality accomplished senior executive who has worked and lived during the past 35 years in 23 countries in 5 continents and I can humbly say that I know what customer service is, trust me. Aside from the great and professional service that Flevy's team provide, their wide variety of material is of utmost great quality, professionally put together and most current. Well done Flevy, keep up the great work and I look forward to continue working with you in the future and to recommend you to a variety of colleagues around the world." – Roberto Pelliccia, Senior Executive in International Hospitality
|
|
"Flevy is now a part of my business routine. I visit Flevy at least 3 times each month.
Flevy has become my preferred learning source, because what it provides is practical, current, and useful in this era where the business world is being rewritten. In today's environment where there are so many challenges and there is the need to make the right decisions in a short time, with so much scattered information, we are fortunate to have Flevy. Flevy investigates, selects, and puts at our disposal the best of the best to help us be successful in our work." – Omar Hernán Montes Parra, CEO at Quantum SFE
|
|
"If you are looking for great resources to save time with your business presentations, Flevy is truly a value-added resource. Flevy has done all the work for you and we will continue to utilize Flevy as a source to extract up-to-date information and data for our virtual and onsite presentations!"
– Debbi Saffo, President at The NiKhar Group
|
|
"I have found Flevy to be an amazing resource and library of useful presentations for lean sigma, change management and so many other topics. This has reduced the time I need to spend on preparing for my performance consultation. The library is easily accessible and updates are regularly provided. A wealth of great information."
– Cynthia Howard RN, PhD, Executive Coach at Ei Leadership
|
|
"One of the great discoveries that I have made for my business is the Flevy library of training materials.
As a Lean Transformation Expert, I am always making presentations to clients on a variety of topics: Training, Transformation, Total Productive Maintenance, Culture, Coaching, Tools, Leadership Behavior, etc. Flevy usually has just what I need to make my point. It is well worth the money to purchase these presentations. Sure, I have the knowledge and information to make my point. It is another thing to create a presentation that captures what I want to say. Flevy has saved me countless hours of preparation time that is much better spent with implementation that will actually save money for my clients." – Ed Kemmerling, Senior Lean Transformation Expert at PMG
|
![]() Do You Want to Get Lean?
We've assembled 40 Lean Six Sigma guides: Lean Management, Six Sigma, Strategy Planning, Process, and Change Management.
|
![]() Waste Too Much Time on PowerPoint?
Get our FREE PowerPoint Plugin (Flevy Tools) for creating common business diagrams, from Gantt Charts to Harvey Balls.
|
![]() Do You Run a Consulting Firm?
Learn how to level the playing field with global consulting firms, like McKinsey, BCG, Bain, E&Y, and Accenture.
|
![]() Need Help with PowerPoint or Excel?
Have our highly trained staff create the exact documents you need. We offer PowerPoint and Excel document creation services.
|
© 2012-2023 Copyright. Flevy LLC. All Rights Reserved.